Montric
Montric copied to clipboard
Published
20 hours ago •
joachimhs
joachimhs
Implement Accounts and Users
EurekaJ have up until now only had two types of users, admin and user. Each of these had access to the data and EurekaJ could only hold data for a single "account", or installation.
EurekaJ 1.5 introduces a new user structure, where the top-level user structure is an "Account".
EurekaJ can have multiple Accounts, and statistics, alerts, chart groups, etc. all belong to an account. All of the data currently stored needs to be tied into this account.
Each account can have multiple users. Users can have one or more of the following privileges:
- User, allows access to view the statistics, but not to administer the account. Users have access to the APIs, but only to the GET-operations. Users have a username. Passwords are stored with Mozilla Persona.
- Admin, allows access to view the statistics, and to administer the account. Admins have access to the full set of APIs for their account - GET, POST, PUT and DELETE. Admins have a username. Passwords are stored with Mozilla Persona.
- Data Client, allows access send in statistics. This user does not have a username, but is assigned a token which will identify which account it belongs to. This user will only be able to use POST on the incoming statistics API.
In addition to these users, the super user (which there will be exactly one of) will be able to administer registered accounts in order to:
- Create new accounts
- Change the account type
- Suspend accounts
- Delete accounts
